[ntp:questions] Re: Can you test my server please.

Danny Mayer mayer at gis.net
Wed Dec 1 01:31:28 UTC 2004

At 06:57 PM 11/30/2004, Brad Knowles wrote:

>>  This has nothing to do with pool. The server shouldn't be in the
>>  pool if it requires client authentication.
>         We've been talking about things that pool server operators can do 
> to try and reduce the abuse of their systems.  If pool servers shouldn't 
> require client authentication, then we don't have to worry about whether 
> or not the feature is present or not.
>         If you have any other ideas of things that the pool server 
> operators could do to try and protect themselves against misbehaving 
> clients (which ignore KOD, etc...), I'd love to see what you've got in mind.

Brad, as you know, DNS is totally agnostic as to which IP address
it returns from the pool. It really doesn't know any different. The DNS
cannot restrict or favor servers dependant on server load, operator
preferences, etc. The only thing that MIGHT help there is SRV records
and I'm not even sure about that and ntpd has not been coded to use
SRV records. If the pool operator doesn't want literally anyone and
everyone to access their NTP server then they really should not be
putting it in the list. Currently it's just round robin.


More information about the questions mailing list